| | I have hundreds of hosts within a tier and would like to combine those hosts for the purposes of reporting. For exam... 0 4 | 0 | 4 | |
| | Hello, I have 3 saved searches that are pretty much all the same except for the source. the searches are: sourcety... 1 3 | 1 | 3 | |
| | I have the following command that does exactly what I need it to do....search for "eth_port_channel" and build a Rege... 1 4 | 1 | 4 | |
| | I am trying to 'reduce' a search scope using addterm : <module name="HiddenSavedSearch" > <param name="savedSearch... 1 3 | 1 | 3 | |
| | What are the expecting results? How long should it take? 1 1 | 1 | 1 | |
| | When I create a chart it takes the bottom results and creates a category called Other. I want to show the results tha... 0 6 | 0 | 6 | |
| | When I print one of my charts with Actions->Print... or Ctrl+P ,the bar or column charts came out to be very very... 1 3 | 1 | 3 | |
| | Does anyone know how to set-up saved serarch to generate RSS feed that includes the actual event contents or specific... 0 1 | 0 | 1 | |
| | I have a SYSLOG output from a netscreen. There are two fields in each record that contain a value (sent) and (rcvd)... 0 1 | 0 | 1 | |
| | I created an alert that will email me any errors that come from my various scripted inputs. The search itself seems ... 0 5 | 0 | 5 | |
| | Search head is version 4.1.5. I have a scheduled search that emails the report of all searches run in the past 7 day... 1 7 | 1 | 7 | |
| | Suppose I have a collection of hosts, and I have a search string that works really well when you specify only one hos... 1 4 | 1 | 4 | |
| | My 4.1.4 Splunk instance on MacOS 10.6.4 will no longer allow me to save searches, complaining with the error: 'splun... 0 1 | 0 | 1 | |
| | Some customers ask questions about how to send email from web. And I did a test. I input command "sourcetype="acces... 0 2 | 0 | 2 | |
| | I'm trying to set up a conditional alert where if there are less than 50 results but greater than 0 results, I want t... 1 2 | 1 | 2 | |
| | Is there anyway to determine the sid or (search job id) from within an executing custom search command? Is this info... 2 3 | 2 | 3 | |
| | I want to build a dashboard that lists alert strings for administrators and creates some basic statistics on these ge... 0 2 | 0 | 2 | |
| | Is there a way to compress the size of the series listed on my report. I'm not seeing all series due to what appears... 0 5 | 0 | 5 | |
| | This is a tricky one (or is it?)... I have indexed Splunk data that looks like this (using multikv): device_name ... 1 22 | 1 | 22 | |
| | Hi, I'm having a problem using a saved search in multiple dashboards with different time modifiers (earliestTime and ... 0 1 | 0 | 1 | |
| | I am configuring SNMP traps based off of scheduled searches - does Splunk log this whenever a trap is generated? I as... 1 1 | 1 | 1 | |
| | Any way to make a scheduled searches "To" list be a result field from a search? 0 1 | 0 | 1 | |
| | If I save the following search as mysearch (sources and rule numbers changed to protect the innocent) ((sourcetype="... 1 9 | 1 | 9 | |
| | I pushed multiple saved searches from the deployment head to many production deployment clients. On the clients, I ca... 2 3 | 2 | 3 | |
| | The error message from the python.log: 2010-09-21 12:23:13,991 WARNING pdfhandler:625 - Firefox timed out while wait... 1 1 | 1 | 1 | |
